Heartbleed bug and solutions

Heartbleed
While the title sounds more like a metal band or a dangerous heart condition, this one has to do with a web vulnerability. This bug allows malicious users to see various information that is normally secured like usernames, passwords, credit card numbers, etc. In other words, it’s a very serious problem.

Most website providers should have patched their systems by the time you are reading this if they were impacted by this issue. However, here are a few resources you can check to make sure the sites you visit are patched.

Heartbleed Test (Filippo Valsorda)
Heartbleed Bug Websites Affected (Mashable)
Top 10,000 sites that were affected
Google Chrome Heartbleed plug-in

How can you protect yourself? Normally in these situations, changing your password is the first choice. While that is a good idea, make sure the site is patched or not affected before changing it. Use a long password with uppercase, lowercase, numbers and symbols if they allow. I recommend using a password manager like 1Password which can help you generate and remember strong passwords.

Websites are not the only things that are affected by this bug. Many internet modems and routers offer secure remote management which could be at risk. If you have this feature turned on (normally it’s disabled by default), you may want to disable it and check with the manufacturer to see if there is an update that fixes it.

Here are a few of the bulletins from these manufacturers regarding their equipment and the Heartbleed bug.

Note: I was not able to find any official information on Netgear routers regarding Heartbleed.

Cisco
D-Link
Juniper
Linksys

For the technical details of this bug, check out the Heartbleed website.

http://heartbleed.com/

Have you found sites that are still not patched? What about your online banking and shopping sites? Post your feedback in the comments section below.

Leave A Comment?

twenty − 14 =